Best Practice ICS Protection

Given that the list of detection and prevention measures provided in the U.S. CERT alert is so extensive, Moreno Carullo, founder and chief technical officer at Nozomi Networks (a supplier of industrial cybersecurity technology), said it’s important for users to realize there is a key technique used to accomplish the type of monitoring recommended by CERT. That technique is hybrid threat detection. “This involves the use of signatures plus behavior-based anomaly detection to identify threats,” he said. “The results are correlated with each other and with operational context, providing rapid insight into what is happening, thereby reducing mitigation time.”
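
The hybrid approach Carullo describes, as an added example (not Nozomi Networks' code and not taken from the CERT alert): a signature rule and a baseline-driven anomaly rule run over the same traffic, and their hits are correlated per asset and ranked using operational context. The Modbus records, host names, allowlist, critical-asset list and severity scale are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample records (not from the article): time in seconds,
# source host, target controller, Modbus function code.
BASELINE = [(0, "hmi-1", "plc-a", 3), (5, "hmi-1", "plc-a", 3),
            (9, "eng-ws", "plc-a", 16), (12, "hmi-1", "plc-b", 4)]
LIVE = [
    (100, "hmi-1", "plc-a", 3),       # normal polling
    (130, "eng-ws", "plc-a", 16),     # write path already seen in baseline
    (160, "office-pc", "plc-b", 3),   # new talker, read only
    (200, "office-pc", "plc-b", 16),  # new talker issuing a write
]
# Assumed operational context: who may write, which assets are critical.
WRITE_ALLOWLIST = {"eng-ws"}
CRITICAL_ASSETS = {"plc-b"}
WRITE_CODES = {5, 6, 15, 16}  # Modbus write coil/register function codes
SEVERITY = ["info", "low", "medium", "high"]

def signature_hits(event):
    """Signature-style rule: a write from a host outside the allowlist."""
    _, src, _, fc = event
    bad = fc in WRITE_CODES and src not in WRITE_ALLOWLIST
    return ["unauthorized-write"] if bad else []

def anomaly_hits(event, learned):
    """Behavior rule: a (source, target, function) flow absent from baseline."""
    _, src, dst, fc = event
    return [] if (src, dst, fc) in learned else ["new-flow"]

def correlate(baseline, live, window=120):
    """Merge both detectors per target asset and rank by operational context."""
    learned = {(s, d, f) for _, s, d, f in baseline}
    per_asset = defaultdict(list)
    for ev in live:
        found = [("signature", h) for h in signature_hits(ev)]
        found += [("anomaly", h) for h in anomaly_hits(ev, learned)]
        per_asset[ev[2]].extend((ev[0], ev[1], kind, h) for kind, h in found)
    alerts = {}
    for asset, hits in per_asset.items():
        latest = max((t for t, *_ in hits), default=0)
        kinds = {kind for t, _, kind, _ in hits if latest - t <= window}
        if kinds:  # one detector alone scores lower than both agreeing
            score = len(kinds) + (asset in CRITICAL_ASSETS)
            alerts[asset] = {"severity": SEVERITY[score], "evidence": hits}
    return alerts

if __name__ == "__main__":
    for asset, alert in correlate(BASELINE, LIVE).items():
        print(asset, alert["severity"], alert["evidence"])
```

With only the read from the new host, the alert on `plc-b` is `medium`; once the signature rule also fires on the write, the two detectors agree and the same asset is raised to `high`.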